Macro virus. What are they? How to fight them

what are macro viruses

How to prevent macro viruses: Since the computer began to be popular and used in practically any field and for any task,  viruses have accompanied its growth and expansion. And although in those first moments it was more a question of rebelling against the system, the scenario has changed today,  with the development of viruses being a most profitable activity.

One of the most dangerous types of virus, but which nevertheless goes largely unnoticed by all users who carry out their activities within the scope for which it was created,  is the so-called macro virus, a malware that has been designed to run on those small programs called macros,  so common in office suites such as Office, present in public offices, companies and personal computers around the world.

INTERESTING: Best Free Anti Spyware

If you want to learn more about the dangers of macro viruses, do not hesitate to read carefully all the content of this post, where you will find everything you need to avoid having problems with this type of virus so common in offices.

What are macro viruses and how to stay safe

How to prevent macro viruses: Before starting it is necessary to remember that  macros are small programs that include instructions and commands that are used to infect popular apps, such as office suites such as Microsoft Office, most commonly in Word or Excel, to automate or make easier a tasks that would otherwise be much more complex to perform.

These macros are used by virus developers to include code that, when executed,  opens a door to the attacker that is used to steal information or infection through expansion to other files on the system  with various objectives, always illegal, such as It could not be otherwise.

One of the simplest ways to get infected with a virus through a macro  is to receive a document, which can be an Excel or Word or any other that uses macros as part of its work, that contains an infected macro, a very common situation today in day. By opening it and executing the macro, which can be disguised as anything else, apparently harmless,  we are unleashing a series of events that can even end in the hijacking of our computer.

This is because hidden among the harmless instructions that the macro contains,  there is also code that will allow the cybercriminal to download malware or viruses to our PC , and already in this instance, attack us or attack our contact list, for example.

How to beware of macro viruses

How to prevent macro viruses: At this point, and to provide us with the most robust security framework possible, the first thing we have to remember is everything we have learned about viruses and how they attack us. In the fight against viruses, our intelligence and common sense are 100% important.

This means that we are the first line of defense, or last, depending on how it is understood, and we should not fully trust the characteristics of any antivirus software, since they can be wrong. types of macro virus

For example, in the case of receiving an attached file from someone we do not know,  the best we can do is open it in “Read Only” mode , since this mode will not allow the execution of macros or any other. item attached to the document. types of macro virus

How to prevent macro viruses: If the document is accompanied by a message that asks us to enable macros, the first thing we have to do is check that this request is well founded. If the document in question is only text, or numbers in Excel columns, it is most likely that we are being tricked into enabling macros and through them making us fall into a death trap.

In any case, never, under any circumstances, should open documents from sources that we do not know, even less that arouse the slightest suspicion. If we receive an email notifying us or informing us of something that we did not request or that we have no idea what it is about, it goes without  saying that that attached message should never be opened. types of macro virus

Macro viruses and contact lists

How to prevent macro viruses: Of course, we can always fall into a trap without realizing it, a typical case of this is when, for example,  an attacker has infected one of our contacts,  and the virus that attacked him begins to send emails to the contacts he has on his list .

As we trust the sender of the message, we proceed to open the document and get caught in the net. This happens because many times we do not check the attachments in the emails to verify that there is something else in the email. At this point, in an email of this type we will not find anything that we can relate to the person who supposedly sent the message, already a rather suspicious situation.

In these cases, that is, when in the email of the trusted sender we only find the attached document, it is best to check with the sender if they have sent us an email with these characteristics, and from their response, act accordingly.

At this point, the best we can do to avoid falling into the trap of macro viruses is to be extremely cautious, always without falling into obsession. Here we are alone, as not even the best antivirus can handle human nonsense. The only case in which an antivirus can help us in these cases  is when the attached document also carries malware that allows the subsequent download of malicious files. types of macro virus

How to stay safe from macro viruses

How to prevent macro viruses: The first slogan that we must remember to stay safe from malware is to use common sense. If we receive an email informing us that we already have a package available , but we do not expect one, it is obvious that it is a trap, and therefore we should not open it.

In the case of macros , if we open a file, and we are shown the notification to activate the macros, the first thing we have to think about is whether it is necessary for the document to contain macros. In the case that the document only contains text and some images, then there is no need for macros,  therefore it is a hoax.

It can also happen that we receive an email from a trusted contact, and that it is infected with malware. Being from a known contact, we will most likely open it without thinking twice, but this can be a fatal mistake.

The point is that our contact may already be infected and we may be the victims that were available in their contact list. This means that we should not open any attachment without first checking that it is clean.  Fortunately, it is easy to realize this, since a document infected with a virus macro can be recognized since they generally do not have a message in the body of the email.

If this is the case, it is best to check with our contact to verify that it was who sent us the message. If you haven’t had any input on the subject,  then the only smart option is to delete the email with its content.

How to fight macro viruses

How to prevent macro viruses: One of the first things that are usually advised to fight macro viruses is to use a modern and up-to-date antivirus, which will prevent malware from being downloaded to our PC or information leaking outside our computer. types of macro virus

However, the best we can do is be careful and follow a series of tips until we have them well assimilated. A good example of this is when opening a Word document that we think might harbor macro viruses inside it,  hold down the “Shift” key, which will prevent macros from running. types of macro virus

Delete macro virus

Unfortunately, if we are users who do not take security very seriously, becoming infected with some type of macro virus is very simple,

and worst of all is that the antivirus that we have installed on our PC is not of great help to us. The only thing they can do is help us clean up in case the macro virus downloads other threats or sends or receives data to or from our computer. types of macro virus

That is why we must always make a backup of our most important data, since in the event of a macro virus infection that we cannot control, we can always format the computer so that everything returns to normal.

How to protect Microsoft Office from macro viruses

A lot of water has passed under the bridge since those days when the maximum in computers was a 286,  the technology has advanced to levels that at that time were simply science fiction.  So did the software, which, taking advantage of the power that the new processors, memories and motherboards could achieve, were increasingly competent and powerful.

Unfortunately,  we must also include viruses in this technological advance,  which in the same way as operating systems and software in general, gained in destructive power and effectiveness. To such an extent, malware has gained ground that today it is an extremely profitable business, and with which there is much to be gained. types of macro virus

That is why from this point on in this post we will know the scope of macro viruses,  which although it seems that they do not have the same penetration as in the past, the truth is that as we have been mentioning it is a very dangerous malware, especially if it is aimed at users of Microsoft’s office suite, Office.

What are Macro Viruses and how do they affect Office?

We explained earlier in this post that a macro virus is a malware that infects macro files , that is, files that are a series of commands and instructions that are grouped together in a single command to perform a task automatically, generally with the aim of increasing the possibilities of a program.

These macros are widely used in companies or homes where Microsoft Office applications such as Word or Excel are running. How do these macro viruses reach our PC? Unfortunately, in a very simple, but terrifyingly effective way, via email. Taking advantage of senders’ naivety or carelessness.

Cybercriminals to achieve an infection send a document with a macro infected with malware with a very attractive title, or any other name that arouses the sender’s curiosity.

When the user opens the infected document, the macro it contains is executed, performing the task that the criminal programmed in it, which can be virtually anyone, including the possibility that the macro downloads other malware, collects information to send it elsewhere. or duplicate to be sent, without our consent, of course, to all the contacts that we have in our contact list. types of macro virus

What is Microsoft doing about macro viruses for Office?

After discovering the fact that macros could do so much damage, measures were taken from Microsoft, one of the most important being to prevent macros from working directly by default. In other words, if we want to run a macro, even if it comes from a trusted provider, we will always have to enable its operation manually.

This action was applied to  Word, Excel and other applications that make up the Office suite plus some other company programs, and although it is not the best way to do it, it made it possible that the impact of macros infected with viruses was not as apocalyptic as it could be. have been, being the macros so widely used in the business and office environment.

At the time, after learning of the problem,  Microsoft began to encourage users to disable the execution of macros automatically,  that is, that users must give execution permissions. In addition, in successive versions of patches and versions of Office, the option to manually enable or disable macros was already enabled by default. When you try to run a macro, the system displays a notification where it provides us with the necessary tools for it.

From this modification, the cybercriminal has to program his macros taking into account that now the user knows that a macro is being executed , and has the control to decide which macro to execute and which not. This allows for a very high level of security, at least when it comes to macros.

To give an example, let’s imagine we receive an email asking us to open an attachment. This file uses macros. Since the automatic execution of macros is disabled, when we open the document, we will be shown a notification where we can, or not, enable the content, without risk. types of macro virus

In the case of receiving many documents, for example Word, with macros from reliable and safe sources, we can always disable the protection of the Word settings, precisely by clicking on  “File”,  then on  “Options”,  then on  “Trust Center ”.

Then click on the button  “Trust Center Settings”  and finally on “Macro Settings”

It should be noted that these instructions for enabling or disabling macros are similar for all Office products, at least those that use macros.

Open a document with macros without being attacked by a virus

One of the great characteristics of Microsoft’s Word application resides in the possibility that the program offers to introduce macros into documents. Without this advantage, it might not have the degree of utility that characterizes it. Of course, just as they can be beneficial, they can also be used for malicious purposes, including viruses.

One of the main uses of macros within Word or Excel is to allow us to repeat procedures, that is, to automate tasks that would otherwise be very tedious to do over and over again. types of macro virus

As an example, we can say that if we need several equal invoice formats, with the macro we only have to do it once, and then we activate them through the macro, saving us a lot of time, in addition to being much easier than copying the format and paste it several times.

Likewise, it is important to mention that almost all the programs that are part of the Microsoft office suite allow the use of the Visual Basic for Applications language, which also allows creating macros.

Ultimately, macros are generally used to  perform  routine editing and formatting tasks more quickly , to  combine multiple commands , to make  an option in a dialog box more accessible , and supposed to  automate various series of complex tasks.

For all these reasons, macros can be a more than useful element in our daily tasks. But at the same time, as we have already mentioned, they can also become a real risk, since it is one of the methods that some computer criminals usually use to camouflage malware,  and thus infect our PC. types of macro virus

That is why, surely on more than one occasion we have feared when receiving a file with a .doc extension and we have doubted when opening it, since the document in question may contain macros that hide viruses.

But the truth is that we should not despair in this situation, since if we use Office, the programs in this suite have a protection system, through which when opening a document that includes macros, we are notified of their presence through a security warning, while macros are automatically disabled.

INTERESTING: Differences between browser and search engine

In the event that we want to  activate the macros , we must click on the  “Enable content” button  within the warning box.

We can also  modify the default behavior of the program to allow macros to always be activated when opening the files  that contain them, although of course, this is not recommended.

Bear in mind that  we only need to enable macros when the file we receive was sent to us by someone we know , and that it is also necessary to use the macros in that document.

In short, in all cases it is convenient  to scan the document with an  antivirus tool, in order to verify that the file does not contain malware.


As we could see, macro viruses can be very dangerous,  and their easy contagion makes them one of the best tools available to sow problems.  However, if we take a couple of precautions, we can work calmly without worrying, that is why it is so important to know everything about their actions.